Sophia Yoo <sy6@xxxxxxxxxxxxx> writes: >> > This is a real use case as part of a larger design I am working on. >> > However, given that redirect from TC egress to XDP_DRV_MODE ingress >> > fundamentally doesn't work, I am rethinking other options to the >> > design. Alternatively, it seems that support for XDP_REDIRECT from >> > egress to ingress is currently in the works, although I don't believe >> > the patch has yet been applied to the mainstream kernel. >> >> Huh, really? Haven't seen that, got a link? > > This is where I saw the discussion for adding XDP support in the > egress path https://lwn.net/Articles/818591/, which if I am > understanding correctly is also proposing to add the XDP_REDIRECT > support on egress. Ah, right, that series. There was extensive discussion on a later version: https://lore.kernel.org/r/20200513014607.40418-1-dsahern@xxxxxxxxxx we ended up dropping it in favour of having programs in devmap entries. So that effort is abandoned, and I don't think you'll get very far experimenting with that series. > (Also, for completeness sake, this is the man page > for bpf_redirect() that says currently XDP only supports redirection > from ingress to egress, and does not have egress to ingress > redirection. https://man7.org/linux/man-pages/man7/bpf-helpers.7.html) > Do you have any insight into whether/when this XDP_REDIRECT > functionality on egress will be added to the kernel? It may happen eventually (there are use cases for some kind of egress hook), but whether it will end up covering data coming from the host (as opposed to XDP-forwarded traffic) is less certain, cf the discussion I linked above... As for a timeline, just as soon as someone sits down and adds it :) -Toke
|